zlacker

By default, Program Files is not writable by non-Administrators. This is likely done by some background service. Or they loosened the default file permissions (which would be dumb).

No reason this can't be done on Linux but since NT's security model is more flexible it's a lot easier to do so on Windows. You'd need to add dedicated users. (Running a Steam daemon as root would probably cause an uproar.)

replies(1): >>Dylan1+H2

>>schmuc+(OP)
They loosen the permissions on the steam folder on windows. I would have expected just the library folder but apparently it's the whole thing.

replies(1): >>schmuc+74

>>Dylan1+H2
Oof. The correct location for this is C:\ProgramData

Developers who knowingly reduce or disable default Windows security settings should be censured. Because in 99% of cases it is due to ignorance or plain laziness.

replies(2): >>Dylan1+D4 >>immibi+jv

>>schmuc+74
Well ProgramData didn't exist when they designed it, and the crime of putting their folder in the wrong place is a pretty minor one. They don't change the permissions of anything outside Steam.

It doesn't "reduce or disable default Windows security settings" in a meaningful way if you say to yourself "that folder effectively is in ProgramData, but spelled wrong".

replies(1): >>schmuc+s6

>>Dylan1+D4
CSIDL_COMMON_APPDATA is the API call to get this special folder which has been around since <checks notes> Windows 2000, 26 years ago.

You should never hardcode the path since it can and has moved around, though MS has implemented hard links to legacy paths because most developers are stupid and against persistent better advice do it anyway. I've seen multi-million dollar software packages whose vendor requires it to be writable by "Everyone".

Steam was first released in 2003, three years later.

For 80% of grievances about Windows, there is likely a solution in place that no one knows about because they didn't read the documentation.

replies(3): >>Dylan1+he >>Sleake+Rf >>Brybry+vg

>>schmuc+s6
Back when it was actually AppData in the user documents folder, that doesn't seem like the right place to install many gigabytes of games.

And it's the same permissions either way. This isn't about permissions, it's about where they put the folder.

>>schmuc+s6
And steam was originally released to be compatible with Windows 98. windows 2000 wasn't widely used as a consumer installed OS.

replies(1): >>schmuc+ii

>>schmuc+s6
Steam's original system requirements in the 2002 beta included Windows 98. [1]

They didn't stop advertising Win98 support until sometime in early 2007.

Granted, Steam back then was a different creature than Steam now.

[1] https://web.archive.org/web/20020605222619/http://www.steamp...

replies(1): >>schmuc+Qh

>>Brybry+vg
So you're saying they've had 18+ years to remove legacy cruft put in there to support a nearly 28 year old legacy OS that had no real multi-user support and basically zero security?

replies(1): >>Gabrie+Yu

>>Sleake+Rf
> windows 2000 wasn't widely used as a consumer installed OS

But Windows XP, which came out in 2001, inherited everything from Windows 2000 and more, and was used extensively for gaming.

replies(1): >>Sleake+GF1

>>schmuc+Qh
Moving away from Program Files would cost far more than it's worth - it'd cause lots of issue for a massive amount of users and be of very little value for others, when the only practical issue with the Steam folder being in Program Files right now is people going "oh I didn't expect that directory to be writable I guess" which is not something worth spending a bunch of time orchestrating a massive transition over.

replies(1): >>schmuc+cE

>>schmuc+74
Really? Programs installed by non-administrators should go in ProgramData?

The actual solution, which remains both compatible and consistent with the security model, is that you should have to be administrator and pass UAC to install a game, just like you do to install anything else.

>>Gabrie+Yu
It's literally in the name: PROGRAM files. It was never meant to store variable data.

It's also assumed that its contents can be safely restored from original sources, so Program Files is often not backed up - because it's wasteful and not needed.

Rogue developers thinking they know better than the people who actually designed the system and ignoring the rules put in place is the source of an untold number of problems in the software world. It's absolutely stupid and I have no empathy for the problems caused as a result of their laziness. This attitude is why modern Linux is a complete clusterfuck, a free-for-all with components duct taped together every which way. Do it right or don't do it at all.

replies(1): >>Dylan1+xP

>>schmuc+cE
How are the games not programs?

The save files don't go in the steam folder, they go into per-user Documents or AppData.

replies(1): >>imtrin+eT1

>>schmuc+ii
Absolutely and first iterations of steam hardware survey showed mostly XP users, but still 5-7% win 98 install base, which they maintained compatibility with for quite a while, that's just to say that I can see why they might not have used those specific windows APIs at the start.

>>Dylan1+xP
There is something oddly satisyfing that in 2026, there are people out there complaining that Steam installs programs into Program Files.